hay guies, I have setup a public download site on my server
public.diehard67.dyndns.org/pub
just about all the stuff on the server I have collected from elseware.
comments sugestions questions corections!! are welcome.
public download site
-
diehard67
- On a Flight into Space
- Posts: 1691
- Joined: 14 years ago
- Location: lost in the disaster that is my mind
- Contact:
public download site
my public downloads on my home server
my website also on my home server
facebook pm me here if you add me on facebook please.
twitter
my website also on my home server
facebook pm me here if you add me on facebook please.
You should consider hiding the version of your web server 
If you don't, someone wanting to attack you will just go for a search to pick an attack tailored for your exact web server version 
irate:
Don't think no one will pay attention to you. As you, I have a web server in my bedroom online since more than 6 years, and it was hit by countless vicious attacks. Fortunately none of them went through.
If you don't, someone wanting to attack you will just go for a search to pick an attack tailored for your exact web server version irate:
Don't think no one will pay attention to you. As you, I have a web server in my bedroom online since more than 6 years, and it was hit by countless vicious attacks. Fortunately none of them went through.
The real sign that someone has become a fanatic is that he completely loses his sense of humor about some important facet of his life. When humor goes, it means he's lost his perspective.
Wedge Antilles
Star Wars - Exile
Wedge Antilles
Star Wars - Exile
-
diehard67
- On a Flight into Space
- Posts: 1691
- Joined: 14 years ago
- Location: lost in the disaster that is my mind
- Contact:
thanx for the tip, I have seen a bunch of ssh login atempts in the logs once but nothing happened from it, except for me emailing there isps snippets of log files reporting the hacking lol.
my public downloads on my home server
my website also on my home server
facebook pm me here if you add me on facebook please.
twitter
my website also on my home server
facebook pm me here if you add me on facebook please.
-
diehard67
- On a Flight into Space
- Posts: 1691
- Joined: 14 years ago
- Location: lost in the disaster that is my mind
- Contact:
I am thinking of recoding all the flv files indo mpeg 2 (like a dvd, sortof), let me know what you think
fafner, any spesfic apache settings you recommend changeing, I altered a bunch this afternoon.
fafner, any spesfic apache settings you recommend changeing, I altered a bunch this afternoon.
my public downloads on my home server
my website also on my home server
facebook pm me here if you add me on facebook please.
twitter
my website also on my home server
facebook pm me here if you add me on facebook please.
The server version isn't visible anymore 
About those ssh connections, I must say I have litterally millions of them in my logs. At first I tried to send e-mails here and there, but never got an answer. I learned later that they come from a big botnet class that exploit badly secured servers. Basically, it just scans for frequent accounts with default passwords (such as "john/johnpw"). Decently secured servers don't get exploited, but given the awesome number of connection attempts I found in my logs, I guess there are countless incompetent sysadmins roaming everywhere around the net
The best way to cope with those is to move the ssh port elsewhere (it seems you did, or at least you restricted it by IP address as I couldn't find it). Personnally I decided to let it on port 22, just to have some statitics; I never bothered to put a honeypot instead. To make sure none of them manage to login by pure chance, I put a smoke of screen:
1) root account is forbidden by ssh. It acts as if you could connect using root, accepting username and password, but invariably returns an access denied even if the password is correct. So all attempts on root are doomed from the beginning.
2) I set up a special account that is the only one that can connect from the outside and is in the wheel group (it has no other purposes, and therefore holds no data and no privilege except the wheel group). Some other accounts are accessible from the outside, but aren't in the wheel group, making them useless for the root compromission. The username of the account is secret, similar to a (weak) password, making things even more difficult for a potential attacker. So far, none of the failed connection attempts tried the correct username, unless my own failed attempts.
I have no doubt that if, say, the FBI wanted to root my computer they might make their way to it (with a big "maybe" though). But otherwise it is simply not cost-effective for the standard botnet, which has anyway tons of badly-secured computers everywhere.
About those ssh connections, I must say I have litterally millions of them in my logs. At first I tried to send e-mails here and there, but never got an answer. I learned later that they come from a big botnet class that exploit badly secured servers. Basically, it just scans for frequent accounts with default passwords (such as "john/johnpw"). Decently secured servers don't get exploited, but given the awesome number of connection attempts I found in my logs, I guess there are countless incompetent sysadmins roaming everywhere around the net
The best way to cope with those is to move the ssh port elsewhere (it seems you did, or at least you restricted it by IP address as I couldn't find it). Personnally I decided to let it on port 22, just to have some statitics; I never bothered to put a honeypot instead. To make sure none of them manage to login by pure chance, I put a smoke of screen:
1) root account is forbidden by ssh. It acts as if you could connect using root, accepting username and password, but invariably returns an access denied even if the password is correct. So all attempts on root are doomed from the beginning.
2) I set up a special account that is the only one that can connect from the outside and is in the wheel group (it has no other purposes, and therefore holds no data and no privilege except the wheel group). Some other accounts are accessible from the outside, but aren't in the wheel group, making them useless for the root compromission. The username of the account is secret, similar to a (weak) password, making things even more difficult for a potential attacker. So far, none of the failed connection attempts tried the correct username, unless my own failed attempts.
I have no doubt that if, say, the FBI wanted to root my computer they might make their way to it (with a big "maybe" though). But otherwise it is simply not cost-effective for the standard botnet, which has anyway tons of badly-secured computers everywhere.
Last edited by fafner on Mon Jun 14, 2010 4:45 pm, edited 2 times in total.
The real sign that someone has become a fanatic is that he completely loses his sense of humor about some important facet of his life. When humor goes, it means he's lost his perspective.
Wedge Antilles
Star Wars - Exile
Wedge Antilles
Star Wars - Exile
-
diehard67
- On a Flight into Space
- Posts: 1691
- Joined: 14 years ago
- Location: lost in the disaster that is my mind
- Contact:
you are fight I did move the ssh prots in my router to some high number ports to get them out of the way, havent seen any access atempts scence other then ming, my servers are inside of my network and I faward ports threw a router for the relivent services.
faram45, I have no more subbed eps
faram45, I have no more subbed eps
my public downloads on my home server
my website also on my home server
facebook pm me here if you add me on facebook please.
twitter
my website also on my home server
facebook pm me here if you add me on facebook please.
Return to “General Discussion”
Who is online
Users browsing this forum: No registered users and 93 guests
